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REPORT OF AUDIT 

Office of Data Processing 
For the Period 
1 October 1980 to 30 April 1982 
Summary 
1. Financial and logistical controls, procedures and 

records of the Office of Data Processing (ODP) were, except 
as noted below, in accordance with Agency regulations. 
Prior audit recommendations, with the exception of one 
that pertains to disaster recovery, were satisfactorily jte 


resolved. 


2. The ODP/Deputy Directorate for Applications is a Ae 
being reorganized to improve efficiency, effectiveness and 
control over development and maintenance of computer systems. 
The audit indicated that considerable benefit should accrue 
to the Organization from these efforts and from the resulting 
implementation of new and revised standards for quality 
assurance in the development and maintenance function. 
Employees were found to be highly committed to the objectives 
of the reorganization. The ODP is to be commended for this 


endeavor to improve services. 
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3. This report includes comments and recommendations 
concerning the following: 
° reducing the number of seldom used and unneeded 


tapes in storage to alleviate overcrowding 


recording additional information in the tape 


destruction process to improve security 


strengthening control to ensure that only 


authorized personnel can check out tapes — 


completing a written disaster recovery plan 


to reduce service interruption in emergencies 


: oe 
° discontinuing giving out passwords over the G28) 


telephone to improve security 


requesting implementation of a new property 


control system to improve efficiency, and 


° updating hand receipts as required to improve 


control over property on loan. 
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Scope and Purpose 


4. The audit included a review of administrative 
functions to evaluate the effectiveness of controls and 
procedures and to assure compliance with Agency regulations. 
Financial and logistical transactions were tested to determine 
that documentation, approvals and certifications were in 
accordance with applicable accounting and reporting require- 
ments and to ensure that expenditures were within the scope 


of authorized activities. 


5. The audit also included reviews and tests in both 
computer centers to determine that established procedures 
and other documentation were sufficient, adequate and followed 


to protect against potential security and safety risks. 


6. <A survey of ODP applications was performed to review 
the reorganization and.to identify the standards and procedures 
to be used in the forthcoming quality assurance program. 
Because the reorganization is still in process, no tests were 
conducted to determine compliance with the standards and pro- 


cedures. 
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Background 


7. ODP provides a central computer service to satisfy 


automatic data processing (ADP) requests from Agency components 


“and to satisfy Intelligence Community requirements as assigned. 


In performing this service, ODP has as of 30 April 1982 a 
personnel ceiling of[ __|to: 


° review and coordinate Agency proposals for the © 
acquisition of computer hardware (including word 


processing equipment), software, and services 


operate two computer centers (Ruffing and Special) 
to provide facilities and services for batch and 
interactive computer processing, data base 
management, and on-line information storage and 


retrieval, and 


perform analysis of requirements for ADP services, 
develop and implement application systems, perform 
maintenance and production control of completed 


application programs. 
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Detailed Comments 


Tape Library Capacity 


? 
10. Opportunity exists to provide needed storage space in 


the Ruffing Center tape library by reducing the number of 
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seldom used and unneeded tapes in storage. Lack of storage 
space for about 38,000 tapes requires storing approximately 
4,500 of them adjacent to the library in the computer center. 
This increases the already overcrowded conditions in the 
center and decreases security since these tapes are not safe- 
guarded by the library's additional fire protection and more 
central location for improved monitoring. While the library 
may ultimately need to be enlarged, it may be possible to 


store all necessary tapes in the library by eliminating tapes 


not requiring current access. 


11. Although ODP has a policy to archive tapes not used 
in six-months, space is wasted by not strictly enforcing the 
policy and by honoring requests > petaia such tapes in the 
library beyond that time. It appears that thousands of these 
tapes could be purged from the library. For example, of tapes 
expiring after eleven years, audit identified 3,492 that were 
unused in the previous twelve months, while 7,718 were unused 
in the previous six-months. In total, twenty-five per cent, 
or 9,600 of all ODP tapes were unused in the previous six-month 


period tested. 


12. This suggests some non-compliance with the six-month 
retirement policy, possibly because ODP honors user requests to 
retain such tapes in the library beyond that period. The re- 


tirement policy by itself, if more strictly enforced by 
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retiring unused tapes to archives, could conceivably provide 
the space needed in the library to eliminate storing tapes 


in the computer center. 


13. While tape reductions are possible by enforcing the 
retirement policy, even further reductions are possible by 
not automatically storing tapes unneeded during the initial 
six-month storage period. Archival action on new tapes is 
taken only after an initial, automatic six-month storage 
period to provide time for use-patterng to: develop. In the 
meantime, space is wasted by automatically storing thousands 
of these tapes. Also, librarians report that users waste 
space in both Headquarters and archives by creating many 
unnecessary tapes and tapes with over-long pevention periods, 


thus providing even more opportunity for reductions. 


14. Reductions in such tapes are currently not possible 
since no requirement exists to identify and retire them 
before the expiration of the six-month storage period. A 
reasonable requirement to facilitate reductions could entail 
ADP Control Officers identifying such tapes on present Tape 
List inventories already forwarded weekly to them for in- 
formation. Since no action is presently required on these 


lists, required feedback identifying suspect tapes ona 


? 
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_continuing basis could provide the impetus for retiring them 


to archives or scratching them on a more current basis. 


15. Incentive for compliance with such a procedure could 


involve requiring ADP Control Officers tg_certify to their 


superiors the necessity for storing tapes remaining on respec- 


penton 


tive lists and for using long-term expiration dates. Other . 


possibilities for reductions include requiring special 
approval to create tapes with long-term expiration dates 
together with system controls to automatically restrict their 


creation without these approvals. 


16. ODP should consider initiating these or other 
appropriate procedures to help reduce overcrowding. Although 
ODP reviewed this area about two years ago, another review 
appears to be in order in accordance with] | Since 29X1A 
storing unused tapes is a luxury not easily afforded, ODP 
officers indicated a willingness to again look into this 


matter for possible improvements. 


Recommendation #1: Review tape handling 
procedures to alleviate overcrowding by 
reducing the number of seldom-used and 

unneeded tapes in storage, and consider: 


i 
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increasing compliance with the 


six-month tape retirement policy 


° requiring ADP Control Officers to 
provide feedback identifying sus- 


pect tapes 


° requiring ADP Control Officers to 
certify in writing the necessity 
for storing tapes and using long- 


term expiration dates and, 


requiring special approval to 
create tapes with long-term 


expiration dates. 
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Tape Destruction Controls 


7. Controls and security can be improved in the Ruffing 
Center tape destruction process by recording additional 
information in the tape destruction records. While records 
contain appropriate information on tapes initially packed 
by the library for destruction, they contain no information 
on tapes subsequently transported from the Tibrarye, Cogsussed: 
and burned. Since destruction activities expose tapes to 
compromise outside the Ruffing Center, procedures should be 
revised to add assurance that tapes earmarked for destruction 
are actually destroyed. In addition to reflecting the initial 
preparation process, the records should be expanded to reflect 
pertinent information on the entire destruction process. 
This should not entail new recordkeeping but only a change 
in the records being kept. Present records do not reflect 
this information due to library personnel being unfamiliar 
a with needed controls. Details for improving recordkeeping 
degen pnt were discussed with library personnel and they agreed to 
| consider audit suggestions in their quest to identify needed 
revisions. 
Recommendation #2: Revise tape 
destruction records to include 
information on the entire tape 


degtruction process. 
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Tape Check-Out Control 


!8. Strengthened control is needed to ensure that only 
authorized personnel are allowed to check out ODP tapes 
from both the Ruffing and Special Computer Centers. Anyone 
with a badge can presently check out a tape by merely identi- 
fying the reel number and dataset name. While this appears 
to be an adequate control, compromise is possible as various 
computer listings contain this information making it avail- 


able to unauthorized personnel. 


]%. Improved aunty would entail matching a badge number or 
name’ to computer system information that authorizes check-out 
privileges. Such a control is available in the Access Control 
Facility-2 (ACF-2) system presently used by ODP to verify 
authorization to remove category Y and Z tapes. Although 
ODP tapes are subject to withdrawal, they have not been 
accorded this control because they are subject to considerably 
less frequent withdrawal than are Y and Z tapes. We were 
informed that since ACF-2 is already being used to control 
some tapes, it could be used to control all tapes and bm prove. 
security, 

Recommendation #3 : Improve 

security by implementing ACF-2 pros 

cedures for withdrawal of ODP tapes 


£rgm tape libraries. 
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Disaster Recovery Plan 


20. Due to resource constraints, ODP has failed to develop 
a comprehensive disaster recovery plan, despite efforts to 
comply with past audit recommendations in this area. Although 
ODP still intends to eventually develop a comprehensive 
disaster recovery plan, their efforts to date indicate that it 
will be expensive, difficult and therefore perhaps less com- 
prehensive than originally envisioned. Meanwhile, ODP should. 
consider a more modest plan, but still capable of being 


effective. 


21. A more modest plan at more acceptable cost and effort 
can still minimize the magnitude of service interruption in 
an emergency situation, Since ODP already knows many of the 
actions to take in an emergency, these actions should be 
consolidated into a single tanning document. Topics to 
cover include: requirements in notifying management, vendor 
and other personnel needed in an emergency; requirements in 
effecting agreements with vendors regarding emergency 
assistance and with Agency components regarding applications; 


requirements in technical areas; and similar considerations. 


12 
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22. The objective of such a plan would be to implement a 
practical and workable disaster recovery program within the 
framework of resource constraints. Because of Agency de- 
pendence on data processing, it is important that such a plan 


be developed. 


Recommendation #4: Develop a disaster 
recovery plan that minimizes risk 


within resource constraints. 
Password Control 


23. Customer Services Staff improved security during the 
audit when it ceased services giving out passwords over the Kenre 
telephone. Although passwords were being provided over | 
secure lines to users requesting chen, the inability to 
properly identify the caller presented possibilities for 


unauthorized access to the system. After learning of this, 


ODP management gave assurance that the practice would stop. 


24. This was being done as a convenience to users who 
ae Start aad 
requested their passwords over thegtelephone after having 


forgotten them. Discontinuance of this service will result 


? 
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in some regretable but necessary inconvenience to users. 

ODP indicated that in the future passwords will only be 

given out in person after proper identification is pre- 
sented. They also explained that a procedure may be developed 
to securely provide this service over computer terminals. 


No recommendation is thus considered necessary. 


Property Procedures 


25. ODP igisvies personnel maintain duplicate automated 
and manual records on which to record Type II Property trans- 
actions. While the automated portion augments the manual 
system, supporting duplicate records is costly and time 
consuming. Since ODP expends considerable effort in main- 
taining one of the largest property accountability systems 
in the Agency, a single system would be more efficient and 
effective. Such a system exists in the Agency Standard 
Automated Property System (ASAPS) recently implemented by 
the Office of Logistics to satisfy requirements for Type II 
property accounting and intended as a replacement for 
existing systems. ASAPS would provide an online capability 
and would replace many of the labor intensive and paper, 
dependent processes now in use. Although implementing ASAPS 
would entail data conversion and orientation problems, the 


? 
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long term benefits of the system should outweigh these initial 
disadvantages. ODP agreed to consider replacing its present 


property system with ASAPS. 


Recommendation #5: Request implementation 
of ASAPS as a replacement for the property 


records currently in use. 


‘Property on Loan Controls 


26. Property items on loan for which Engineering Division 
is responsible are not controlled in accordance with regulations. 
Property on loan at the time of audit consisted of seventy-one 
computer terminals and related equipment. Improvement is 
needed in the inventory and record-keeping procedures used to 
control this property: The division conducts the annual 
inventory of property on loan over the telephone with loanees 
in lieu of having them re-sign hand receipts. Also, the 
division could not initially locate twenty-nine hand receipts 
for audit; apparently the receipts were lost, misplaced or 


never obtained. 


27. Hand receipts for property on loan are required by 


regulation to be obtained and updated by signature at least 
rs 
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annually, preferably in conjunction with the physical inventory. 
During the audit the division resolved the question of missing 
hand receipts by finding them, obtaining them from loanees 

or effecting return of the property involved. The question 

of not updating hand receipts by signature or effecting 

return of the property remains to be resolved. Although 
Engineering Division was fully aware of the requirement for 
obtaining and maintaining hand receipts, they were not fully 
aware of the requirement for obtaining annual signatures on 
hand receipts. While they prefer using the convenience of 

the telephone to update hand receipts, they agreed during the 
audit to update them in the future as required. A recommen- 
dation on obtaining and maintaining hand receipts is not 
necessary since this requirement is understood and was met 


during the audit. 


Recommendation #6: Update hand receipts 
for property on loan by obtaining 
signatures at least annually or effect 


return of the property involved. 
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C/MS/ODP 
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REMARKS: 
Draft of recent Audit 

Report. Please review and 

phone or send comments to 


EXO or 1 by COB 
20 August. 


FROM: DDA 


ROOM NO. | BUILDIN@*-D-O0 HOS: 


FORM NO. 241 REPLACES FORM 36-8 (47) 
1 FEB 55 WHICH MAY BE USED. 
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